| Governance Risk Compliance (GRC) _ Cincinnati, OH at Cincinnati, Ohio, USA |
| Email: [email protected] |
| Greetings, We have the below requirement with our Client. Kindly go through the JD below and let me know your interest Role name: Developer Cincinnati, OH Duration: Contract Role Description: Technical: Continuingly review, refine, and recommend improvements to the Information Security operating model, enterprise policies, standards, and processes to providing reporting and recommendations to the CIO, CISO, and senior leadership to reduce the risk to the enterprise. Basic knowledge and understanding of risk assessment and control methods. Basic knowledge and understanding of how information security affects an organization and ability to link it to business processes. Strong Understanding of vulnerability management. 2-3 years of regulatory requirements and frameworks such as ISO 27001, ISO 27002, PCI, CIS, SOX, HIPPA, ISO, NIST, COBIT, GDPR or NIST Cyber Security Framework (CSF). Basic knowledge and understanding of information security policies, standards and processes. Basic knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies. Understanding of security technologies such as firewalls, IDS, IPS, encryption, IDAM, SIEM, etc. SANS 401 2+ years of experience in a GRC discipline. One year of work in a Governance, Risk, Compliance (GRC) function in a highly regulated environment. Proven success implementing security policies, standards, and/or controls. Experience in one or more of the following areas preferred: network administration, systems administration, SDLC/secure soft, encryption, asset management, identity and access management, Audit, Governance Risk & Compliance, IT Operations, Security Risk Management. Minimum of 3+ years of experience in security or IT/OT. Non-Technical: Ability to translate strategy into actionable plans impact organizational change. Ability to work across the organization, building relationships and influencing peers and management through establishing trust and credibility. Ability to drive discussions and influence decision making; strong presentation and reporting skills. Proficient in technical writing and leveraging various creative mechanisms to communicate to diverse audiences. Ability to communicate with and create documentation for technical and non-technical audiences. Practical experience implementing NIST, ISO or other industry standards Certification such as CISM, CISSP, CISA, CRISC, CISSP. Additional language capabilities/fluency in German, Spanish, and Portuguese a plus. Experience using a GRC tool (i.e. Archer, Lock path). Understanding and knowledge of Sarbanes-Oxley, GDPR (General Data Protection Regulation) and IT General Controls. Knowledge of third-party auditing, such as cloud, and risk assessment methodologies. Competencies: Digital : Data Governance Experience (Years): 6-8 Best Regards, Jessica |Sr Techical Recruiter| Email: [email protected] Siri InfoSolutions Inc , 3 Ethel Rd, Suite # 302, Edison NJ 08817. Disclaimer: We respect your online privacy. If you would like to be removed from our mailing list please reply with "Remove" in the subject and we will comply immediately. We apologize for any inconvenience caused. Please let us know if you have more than one domain. The material in this e-mail is intended only for the use of the individual to whom it is addressed and may contain information that is confidential, privileged, and exempt from disclosure under applicable law. If you are not the intended recipient, be advised that the unauthorized use, disclosure, copying, distribution, or the taking of any action in reliance on this information is strictly prohibited. We are an equal opportunity employer with a diverse workforce. Note : Any resume submitted by Siriinfo is presented with the understanding that the candidate is being considered for your direct end-client (end-client is the company where the work will be performed). If there is any other company involved between the end-client and your company, please do not submit this resume without our written approval. If you submit the resume to another third party, Siriinfo reserves the right to work with the third party directly. -- Keywords: information technology golang New Jersey Ohio Governance Risk Compliance (GRC) _ Cincinnati, OH [email protected] |
| [email protected] View all |
| Tue May 21 19:44:00 UTC 2024 |